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DETAILED ACTION 

This Office Action is in response to the communication filed on 06/10/2008. 
Claims 1, 9, and 25 have been amended. 

Claim 27 has been added. 

Claims 1-27 have been examined and are pending. 

Response to Arguments 
Applicant's arguments filed 06/10/2008 have been fiiUy considered but they are not persuasive. 

The Apphcant argues with the following items: 

(A) There is no teaching or suggestion of receiving a backup data package corresponding 
to the data package sent to the personal device from the secure processing point. 

(B) There is no disclosure in Craft of receiving a backup data package encrypted with a 
unique secret chip key stored in a tamper-resistant secret storage of an integrated circuit chip 
included in the personal device. 

(C) The combination as asserted by the Office appears to be nothing more than hindsight 
reconstruction in order to try to arrive at the actions recited in claim 1 . 

(D) Claim 1 is not suggested by a combination of Mauro and Craft fiirther in view of 
Okimoto. 

The Examiner respectfiilly disagrees with the Applicant with the following reasons: 
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Per (A): Craft teaches receiving a backup data package corresponding to the data 
package sent to a personal device from the secure processing point [Craft: Jig. 2; par. [0021] 
and par. [0019]]; A server system receives encrypted content data using permanent, hardware- 
embedded, cryptographic keys (tamper-resistant secret storage) from a client] 

Per (B); Craft teaches receiving a backup data package encrypted with a unique secret 
chip key stored in a tamper-resistant secret storage of chip [Craft: fig. 2; par. [0021] and par. 
[0019]; A server system receives encrypted content data using permanent, hardware-embedded, 
cryptographic keys (tamper-resistant secret storage) from a client]. 

Mauro teaches storing sensitive data in a tamper-resistant secret storage of chip an 
integrated circuit chip included in the personal device [Mauro: par. [0037]; memory 254 is a 
non-volatile memory that may be used to stored sensitive data; par. [0039]; "secure processor 
250 and memory 254 are implemented as two separate units enclosed within secure/or tamper 
resistance/evident unit"]. 

Per (C): In response to applicant's argument that the examiner's conclusion of 
obviousness is based upon improper hindsight reasoning, it must be recognized that any 
judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight 
reasoning. But so long as it takes into account only knowledge which was within the level of 
ordinary skill at the time the claimed invention was made, and does not include knowledge 
gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re 
McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). 

Per (D): 
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In response to applicant's argument that there is no suggestion to combine the references, 
the examiner recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988) and/« re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 
1992). In this case, it is proper to combine teaching of Mauro and Craft and fiirther in view of 
Okimoto because it would provide because it would ensure security of the communication 
between client devices and servers [Craft: par. [0013], lines 1-4] and securely delivering 
encrypted content on demand with access control [Okitomo: Col. 3, lines 67 to Col. 4, line 1]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 

manner in which the invention was made. 

Claims 1, 3-4, 6, 8, 9, 11-12, 14, 17-18, 19-23, 25, and 27 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Mauro (US 2002/0147920) in view of Craft et al. (US 
2002/0150243) fiirther in view of Okimoto et al. (US 6,978,022 B2). 



As per Claim 1; 
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Mauro discloses a method for managing cryptographic keys that are specific to a personal 
device, comprising: 

retrieving in a secure processing point separated fi-om and arranged in communication 
with the personal device, a unique chip identifier from a read-only storage of an integrated circuit 
chip included in the personal device [Mauro: par. [0038]); A read only memory (ROM 252) 
stores secure parameters (e.g., a unique chip identifier) via a secure operation (e.g., during 
tlie manufacturing phase) and become available for use thereafter (e.g. retrieving a unique 
chip identifier)]. 

the secure processing point storing a data package in the personal device, the data 
package including at least one cryptographic key [Mauro: par. [0034], lines 1-7; A secure unit 
240 to perform all secure processing and store all "sensitive" data (e.g. cryptographic key) 
by various cryptographic technique]. 

storing sensitive data in a tamper-resistant secret storage of chip an integrated circuit chip 
included in the personal device [Mauro: par. [0037]; memory 254 is a non-volatile memory 
that may be used to stored sensitive data; par. [0039]; "secure processor 250 and memory 
254 are implemented as two separate units enclosed within secure/or tamper 
resistance/evident unit"] 

Mauro does not disclose: 

receiving at the secure processing point, in response to storing the data package, 
associating the unique chip identifier with the received backup data package from the personal 
device, and storing the backup data package and the associated unique chip identifier. 

However, Craft et al. disclose: 



Application/Control Number: 10/696,495 Page 6 

Art Unit: 2139 

receiving at the secure processing point, in response to storing the data package, a backup 
data package from the personal device, which backup data package is the data package encrypted 
with a unique secret chip key stored in a tamper-resistant secret storage of chip [Craft: fig: 2; 
par. [0021] and par. [0019]; A server system receives encrypted content data using 
permanent, hardware-embedded, cryptograpliic l^eys (tamper-resistant secret storage) 
from a client.] 

associating the unique chip identifier with the received backup data package [Craft: par. 
[0041], lines 7-13; "Tlie manufacture of tlie client CPU chips also has knowledge of a server 
public key that is associated with a server private key that may or may not be known to the 
manufacturer"] ; 

storing the backup data package and the associated unique chip identifier in a permanent 
public database separated from the personal device [Craft: par. [0043], lines 1-6 and figure 2; 
A client serial number (216) is equivalent to a unique chip identifier and a client public key 
datastore (222) is equivalent to a permanent public database]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time of 
the invention was made to combine the method of Mauro by including other feature such as 
receiving in response to storing the data package, associating the unique chip identifier with the 
received backup data package , and storing the backup data package and the associated unique 
chip identifier of Craft because it would ensure security of the communication between client 
devices and servers [paragraph [0013], lines 1-4, Craft et al.] 

Although the combination of Mauro and Craft teaches the claimed subject matter, they 
are not so clear of disclosing the secure processing point being separated from the personal 
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device. On the hand, Okimoto teaches this limitation in Column [Okimoto: Col. 5, lines 52-53 
of Oklmoto]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the method of Mauro and Craft by including teaching of 
Okimoto because it would securely deliver encrypted content on demand with access control 
[Col. 3, lines 67 to Col. 4, line 1, Okimoto]. 

As per Claim 25; 

Claim 25 is essentially the same as claim 1 except that it sets forth the claimed invention as an 
apparatus fiirther comprising a processor [Mauro, fig. 3; box 250, box 230] rather a method and 
rejected under the same reasons as applied above. 

As per Claim 3; 

The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Craft et al. further disclose wherein the at least one cryptographic key includes at least 
one key to be used for a secure, key based communication channel between a personal device 
manufacturer and the personal device [Craft: par. [0038], figure 2; "a data processing system 
for secure communication of application code and content using permanent, hardware- 
embedded, cryptographic key"]. 



As per Claim 4; 
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The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Craft et al. fiirther disclose the method as claimed in claim 3, wherein the at least one key 
to be used for a secure, key based communication channel includes a symmetric key [Craft: par. 
[0038], lines 1-5; par. [0060], lines 20-24. The symmetric key is a cryptographic key which 
uses trivially cryptographic key for both decryption and encryption]. 

As per Claim 6; 

The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Craft et al. disclose the method as claimed in claim 3, wherein the at least one key to be 
used for a secure, key based communication channel includes a private/public key pair [Craft: 
par. [0038], par. [0032], "Public key cryptography requires each party involved in a 
communication or transaction to have a pair of key, called the public key and the private 
key"]. 

As per Claim 9: 

Mauro discloses a system for managing cryptographic keys that are specific to a personal 
device, comprising: 

at least one personal device [Mauro: fig. 1, box 110a; flg. 2] and a secure processing 
point [Mauro: fig. 2, box 240], which secure processing point is separated from and arranged in 
communication with the personal device. 



Application/Control Number: 10/696,495 Page 9 

Art Unit: 2139 

wherein the at least one personal device includes an integrated circuit chip with a unique 
chip identifier in a read-only storage and a unique secret chip key in a tamper-resistant secret 
storage [Mauro: par. [0038], lines 1-4. A read only memory (ROM 252) stores secure 
parameters (e.g., a unique chip identifier); par. [0039], lines 9-11; " secure processor 250 
and memory 254 are implemented as two separate units enclosed within a secure and/or 
tamper resistance/evident unit]; 

wherein the secure processing point includes a processor configured for retrieving the 
unique chip identifier and for storing a data package in the device, the data package including at 
least one cryptographic key [Mauro: par. [0038]; par. [0034], lines 1-7; A secure unit 240 to 
perform all secure processing and store all "sensitive" data (e.g. cryptographic key) by 
various cryptographic technique]; 

wherein the at least one personal the device includes a processor configured for 
encrypting the received data package with the unique secret chip key and transferring a resulting 
backup data package back to the secure processing point [Mauro: par. [0036], lines 8-11; 
"secure processor 250 retrieves data stored within memory 254, processor and/or encrypts 
the retrieved data, and may send the data to external elements (e.g., main processor 230 via 
bus 262)]; 

Mauro does not explicitly disclose the processor of the secure processing point is 
arranged for storing the received backup data package. 

However, Craft et al. disclose the processor of the secure processing point is arranged for 
storing the received backup data package in association with the unique chip identifier in a 
permanent public database separated fi-om the personal device [Mauro: par. [0043], lines 1-6 
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and figure 2. A client serial number (216) is equivalent to a unique chip identifier and a 
client public key datastore (222) is equivalent to a permanent public database]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time of 
the invention was made to combine the system of Mauro by including the processor of the secure 

processing point is arranged for storing the received backup data package of Craft because it 
would ensure security of the communication between client devices and servers [par. [0013], 
lines 1-4, Craft et al.]. 

Although the combination of Mauro and Craft teaches the claimed subject matter, they 
are not so clear of disclosing the secure processing point being separated from the personal 
device. On the hand, Okimoto teaches this limitation in Column [Okimoto: Col. 5, lines 52-53 
of Okimoto]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the system of Mauro and Craft by including teaching of 
Okimoto because it would seciirely deliver encrypted content on demand with access control 
[Col. 3, lines 67 to Col. 4, line 1, Okimoto]. 

As per Claim 11; 

Claim 1 1 is essentially the same as claim 3 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 



As per Claim 12; 
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Claim 12 is essentially the same as claim 4 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 

As per Claim 14; 

Claim 14 is essentially the same as claim 6 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 

As per Claim 17; 

Mauro, Craft, and Okimoto disclose a method as described in claim 1 . 

Mauro fiirther discloses a method of recovering a backup data package of a personal 
device, which backup data package has been assembled and stored in accordance with claim 1, 
the method comprising: 

reading a unique chip identifier fi'om a read-only storage of the personal device [Mauro; 
par. [0038]); A read only memory (ROM 252) stores secure parameters (e.g., a unique chip 
identifler) via a secure operation (e.g., during the manufacturing phase) and become 
available for use thereafter (e.g. retrieving a unique chip identifier)]; 

Craft fiirther discloses: 

transmitting the chip identifier to a public database [Craft; par. [0043], lines 1-6 and 
figure 2; A client serial number (216) is equivalent to a unique chip identifler and a client 
public key datastore (222) is equivalent to a permanent public database]. 

receiving from the public database the backup data package corresponding to the 
transmitted chip identifier [Craft; par. [0015]; lines 8-15; "The client forms a request 
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message, which includes the client serial number, encrypt the request with the server 
public key ad send the download request to the server... the client private key embedded in 
the client"]; and 

storing the received backup data package in the personal device [Craft: par. [0015]; 
lines 11-15; "The client serial number in the received request is used to search for client 
public key that corresponds to the client private key embedded in the client"]. 

As per Claim 18; 

Mauro discloses a personal device comprising: 

an integrated circuit chip with a unique chip identifier in a read-only storage and a 
unique secret chip key in a tamper-resistant secret storage [Mauro: par. [0038], lines 1-4. A 
read only memory (ROM 252) stores secure parameters (e.g., a unique chip identifier); par. 
[0039], lines 9-11; "secure processor 250 and memory 254 are implemented as two separate 
units enclosed within a secure and/or tamper resistance/evident unit] ; 

a memory for storing a received data package including at least one cryptographic key 
[Mauro: par. [0037], lines 1-3. A flash memory is a form of non-volatile memory which is 
equivalent to memory (130); par. [0034], lines 1-7. A secure unit 240 to perform all secure 
processing and store all "sensitive" data (e.g. cryptographic key) by various cryptographic 
technique]. 

Mauro does not explicitly disclose: 

"a processor configured for outputting the unique chip identifier"; 
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"where the processor is further configured for encrypting the received data package with 
the unique secret chip key and outputting a resulting backup data package to a permanent public 
database separated from said personal device". 
However, Craft et al. disclose: 

a processor configured for outputting the unique chip identifier [Craft: par. [0041], lines 
7-9; "each CPU chip is assigned a unique client serial number]. 

wherein the processor is fiirther configured for encrypting the received data package with 
the unique secret chip key and outputting a resulting backup data package to a permanent public 
database separated from said personal device [Craft: abstract , par. [0043], lines 1-6 and 
figure 2. Encrypting a request which includes a client serial number (216) is equivalent to 
encrypt the received data package with the unique secret chip key. The client serial 
number (216) is equivalent to a unique chip identifier and a client public key datastore 
(222) is equivalent to a permanent public database]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time of 
the invention was made to combine the system of Mauro by including the processor of the secure 
processing point is arranged for storing the received backup data package of Craft because it 
would ensure security of the communication between client devices and servers [par. [0013], 
lines 1-4, Craft et al.]. 

Although the combination of Mauro and Craft teaches the claimed subject matter, they 
are not so clear of disclosing the secure processing point being separated from the personal 
device. On the hand, Okimoto teaches this limitation in Column [Okimoto: Col. 5, lines 52-53 
of Okimoto]. 
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Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the device of Mauro and Craft by including the teaching of 
Okimoto because because it would securely deliver encrypted content on demand with access 
control [Col. 3, lines 67 to Col. 4, line 1, Okimoto]. 

As per claim 19; 

The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Mauro further discloses the personal device as claimed in claim 18, wherein the personal 
device includes a read-only memory storing a manufacturer public signature key, wherein the 
memory for storing the received data package is fiirther for storing a received certificate, which 
corresponds to a certificate stored in association with the backup data package in the public 
database and which has been signed with a manufacturer private signature key corresponding to 
the manufacturer public signatiire key [Mauro: par. [0077]; "The signature generation can be 
performed based on any one of the digital signature and encryption algorithms. Secure 
processor 250 may further provide the certificate that includes the remote terminal's 
public key"]. 



As per Claim 20: 

Claim 20 is essentially the same as claim 3 except that it sets forth the claimed invention as a 
personal device rather a method and rejected under the same reasons as applied above. 
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As per Claim 21: 

Claim 2 1 is essentially the same as claim 4 except that it sets forth the claimed invention as a 
personal device rather a method and rejected under the same reasons as applied above. 

As per Claim 22; 

Claim 22 is essentially the same as claim 5 except that it sets forth the claimed invention as a 
personal device rather a method and rejected under the same reasons as applied above. 

As per Claim 23; 

Claim 23 is essentially the same as claim 6 except that it sets forth the claimed invention as a 
personal device rather a method and rejected under the same reasons as applied above. 

As per Claim 25; 

Claim 25 is essentially the same as claim 1 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 



As per Claim 27; 

Claim 27 is essentially the same as claim 1 except that it sets forth the claimed invention as a 
device rather a method and rejected under the same reasons as applied above. 
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Claims 2, 5, 8, 10, 13, 16, 24, and 26 are rejected under 35 U.S.C. 103(a) as being 
unpatentable Mauro (US 2002/0147920) , Craft et al. (US 2002/0150243) and Okimoto et al. 
(US 6,978,022 B2) as applied to claims 1, 9, 18, and 25 above and further in view of Messerges 
et al. (US 2002/0157002). 

As per Claim 2: 

Mauro, Craft, and Okimoto disclose the method as described in claim 1 above. 
Craft fiirther discloses the secure processing point performs: 

associating a unique device identity with the unique chip identifier [Craft: par. [0015]; 
par. [0041]; client device is equivalent to unique device identity; CPU chip is equivalent to 
unique chip identifier]; 

signing the result of said associating with a manufacturer private signature key 
corresponding to a manufacturer public signature key stored in a read-only memory of the 
device, thereby generating a certificate for the unique device identity [Craft: par. [0036]; "a 
data can be signed by computing a digital signature from the data and the private key of 
signer"]; 

storing the unique device identity and the certificate in association with the backup data 
package and the unique chip identifier in the permanent public database [Craft: par. [0043], 
lines 1-6 and figure 2; A client serial number (216) is equivalent to a unique chip identifier 
and a client public key datastore (222) is equivalent to a permanent public database] . 

Mauro, Craft, and Okimoto do not explicitly disclose storing the certificate in the device; 
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However, Messerges et al. disclose storing the certificate in the device [Craft: par. 
[0033]; "The certificate authority is preferably an off-line system, thus every time content is 
rendered it is not necessary to contact the certificate authority"]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the teachings of Mauro, Craft, and Okimoto by including the 
teaching as suggested by Messerges because it would provide a security requirements of digital 
content while also providing an enjoyable user experience for the end user [Craft: Messerges, 
par. [0013]]. 

As per Claim 26: 

Claim 26 is essentially the same as claim 2 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 

As per Claim 5: 

Mauro, Craft, and Okimoto disclose the method as described in claim 4 above. 

Mauro, Craft, and Okimoto do not explicitly disclose "a symmetric key is generated as a 
function of a master key and the unique device identity". 

However, Messerges et al. disclose wherein the symmetric key is generated as a function 
of a master key and the unique device identity [Messerges: par. [0041], lines 36-39; par. 
[0030]; par. [0068], lines 8-10; par. [0041], lines 36-39. A device manufacturer may be 
securely embedded keys into a user device so that each user device can be uniquely 
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identified to the other. A unique, factory installed, unit public-key of a user device is 
equivalent to master key and unique device identity]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the teachings of Mauro and Craft by including the teaching as 

suggested by Messerges because it would provide a security requirements of digital content 
while also providing an enjoyable user experience for the end user [Messerges, par. [0013]]. 

As per Claim 8; 

The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Craft et al. fiirther disclose the method as claimed in claim 2, wherein the personal device 
is a wireless communications terminal and the unique device identity is an identifier which 
identifies the wireless communications terminal in a wireless communications network [Craft: 
par. [0025], lines 13-16. Personal digital assistant (PDAs, client 107) is equivalent to a 
wireless personal device]. 

As per Claim 10; 

Claim 10 is essentially the same as claim 2 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 



As per Claim 13; 
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Claim 13 is essentially the same as claim 5 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 

As per Claim 16; 

Claim 16 is essentially the same as claim 8 except that it sets forth the claimed invention as an 
apparatus rather a method and rejected under the same reasons as applied above. 

As per Claim 24: 

Claim 24 is essentially the same as claim 8 except that it sets forth the claimed invention as a 
personal device rather a method and rejected under the same reasons as applied above. 

Claims 7 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable Mauro (US 
2002/0147920) and Craft et al. (US 2002/0150243), and Okimoto et al. (US 6,978,022 B2) as 
applied to claims 1 and 9 above in view of Ginter et al. (US patent 5,892,900). 

As per Claim 7: 

The combination of teaching Mauro, Craft, and Okimoto teach the claimed subject 

matter. 

Craft fiirther discloses generated by the secure processing point during assembly of the 
device [Craft: par. [0042], lines 1-6. Each client CPU chip has a cryptographic unit 
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(public/private key) that has been manufactured to contain programmable memory 
storage]. 

Mauro, Craft, and Okimoto do not explicitly disclose, "the private/public key pair is 
generated and store in advance in a secure database befijre assembly of the device, in which 
latter case the cryptographic keys stored in advance of assembly are removed from the secret 
database after reception of the backup data package". 

However, Ginter discloses how to generate and store in advance in a secure database 
before assembly of the device, in which latter case the cryptographic keys stored in advance of 
assembly are removed from the secret database after reception of the backup data package 
[Ginter: Col. 169, lines 9-17; claim 101. An electronic appliance 600 updates its secure 
database 610 and/or SPU 500. If an information is received, an end user's electronic 
appliance 600 requesting the electronic appliance to delete the information that has been 
transferred. The information comprises at least one or more cryptographic keys]. 

Thus, it would have been obvious to the person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Mauro, Craft, and Okimoto by including how to 
store the cryptographic keys in advance and removed from the secret database as suggested by 
Ginter because it would allow the secure database 610 item is updated or modified, a new 
encrj^tion key can be generated for updated item [Ginter, Col. 171, lines 43-46]. 

As per Claim 15: 

Claim 15 is essentially the same as claim 7 except that it sets forth the claimed invention 
as an apparatus rather a method and rejected under the same reasons as applied above. 



Application/Control Number: 10/696,495 
Art Unit: 2139 



Page 21 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Canh Le whose telephone number is 571-270-1380. The 
examiner can normally be reached on Monday to Friday 7:30AM to 5:00PM other Friday off. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Kincaid Kristine can be reached on 571-272-4063. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Canh Le/ 

Examiner, Art Unit 2139 
September 10, 2008 
/Kristine Kincaid/ 

Supervisory Patent Examiner, Art Unit 2139 



